Blog
What Is GitOps? Continuous Delivery to Kubernetes with ArgoCD
DevOps

What Is GitOps? Continuous Delivery to Kubernetes with ArgoCD

In traditional CI/CD pipelines, deploy commands are triggered externally and drift can occur between the cluster state and Git. GitOps treats the Git repository as the single source of truth, and ArgoCD continuously synchronizes this source with the Kubernetes cluster. This guide covers GitOps princ

A

Ahmet Yılmaz

Senior Infrastructure Engineer

March 21, 202612 min read0

In traditional CI/CD pipelines, deploy commands are triggered externally and drift can occur between the cluster state and Git. GitOps treats the Git repository as the single source of truth, and ArgoCD continuously synchronizes this source with the Kubernetes cluster. This guide covers GitOps principles, ArgoCD installation, and production practices.

What Is GitOps?

GitOps is an operational model where all infrastructure and application configuration is stored in Git, and the cluster state is automatically reconciled with this configuration. It has four core principles:

  • Declarative Configuration All infrastructure and application state is defined as YAML/JSON. You specify "what should exist," not "how to do it."
  • Git as Single Source of Truth The Git repository is the sole source of desired state. Manual changes made in the cluster are automatically reverted.
  • Automatic Synchronization Changes in Git are automatically applied to the cluster. No manual kubectl commands needed.
  • Continuous Reconciliation The agent continuously compares cluster state with Git and corrects any drift.

ArgoCD Installation

ArgoCD is installed as a namespace in your Kubernetes cluster and managed via web UI, CLI, and API.

terminal
# Create namespace and install ArgoCD
$ kubectl create namespace argocd
$ kubectl apply -n argocd -f \
    https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# Get admin password
$ argocd admin initial-password -n argocd

# Port-forward for web UI access
$ kubectl port-forward svc/argocd-server -n argocd 8080:443

Defining an ArgoCD Application

In ArgoCD, each application is defined with an Application CRD. This resource specifies the Git repository, target cluster, and sync policy.

application.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: web-app
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/company/k8s-manifests.git
    targetRevision: main
    path: apps/web-app/production
  destination:
    server: https://kubernetes.default.svc
    namespace: production
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
    - CreateNamespace=true

💡 Tip: The selfHeal: true setting automatically reverts manual changes made in the cluster. In production, this prevents drift but you may need to temporarily disable it for emergency interventions.

For Kubernetes fundamentals, check our Introduction to Kubernetes guide. For package management with Helm, see our Helm Chart guide. For CI/CD integration, explore our GitHub Actions guide. The ArgoCD documentation and OpenGitOps principles are valuable additional resources.

Frequently Asked Questions

What is the difference between GitOps and traditional CI/CD?

In traditional CI/CD, the pipeline pushes to the cluster externally. In GitOps, an agent inside the cluster pulls from Git. This means cluster credentials are not stored in the CI system, improving security.

Should I choose ArgoCD or Flux?

ArgoCD offers a rich web UI and multi-cluster support, suitable for those who prefer visual management. Flux is lighter and CLI-focused, extensible with components like Terraform Controller. Flux is recommended for small teams, ArgoCD for larger organizations.

Is GitOps only for Kubernetes?

GitOps principles can be applied to any declarative system, but the most common use is with Kubernetes. Tools like Terraform, Crossplane, and Pulumi enable GitOps for non-Kubernetes infrastructure as well.

How do I store Secrets in Git?

Never store secrets as plain text in Git. Use Sealed Secrets, SOPS, or External Secrets Operator to store them encrypted. ArgoCD offers native integration with these tools.

Conclusion

GitOps makes Kubernetes deployment processes Git-centric, providing auditability, repeatability, and security. Set up automatic synchronization and self-healing with ArgoCD to prevent cluster drift. Keep your application manifests in a separate Git repository and limit your CI pipeline to image building only.

Powerful Servers for Your GitOps Infrastructure

Build your GitOps pipeline quickly with Hosted Cloud Kubernetes infrastructure.

Explore Cloud Server Plans →

Share

Twitter/X LinkedIn
A

Ahmet Yılmaz

Senior Infrastructure Engineer

With over 10 years of experience in cloud infrastructure and DevOps, Ahmet specializes in Kubernetes, Terraform, and high-availability architectures.

Comments coming soon